Re: [WiX-users] save username and password

Mailinglist Wed, 12 Sep 2007 05:36:57 -0700

Hi,

even if you use a custom action to encrypt and decrypt the credentials, it 
would be unsafe  to store them, cause they coud be found and decrypted.


The data you store can be hacked on (RegistryKeys, File) as well as your code 
that you use to store/encrypt/decrypt them. If you use tools, they can be 
extracted from the msi, if you use a stringkey for de/encryption, it can be 
extracted from the msi... no encryption is safe as long as all secrets are 
shipped with the data.

Oliver

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/

_______________________________________________
WiX-users mailing list
WiX-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wix-users

Re: [WiX-users] save username and password

Reply via email to